Manufacturing and Cyber Risk

Introduction

With the sector now the third most targeted for cyber-attack, a comprehensive approach to cyber-security is not something that manufacturers can afford to ignore. Cyber-vulnerability is a major barrier to business growth, threatening loss of data, theft of capital and intellectual property, disruption to business and impact on trading reputation. In a recent survey, 48% of manufacturers interviewed said that they had at some point been subject to a cyber-security incident and had suffered some financial loss or disruption to business as a result. With increasing digitisation, the frequency and severity of these types of attacks are likely only to grow, and it is therefore more important than ever for manufacturers to stay secure, vigilant and resilient.

Specific Concerns/Risks

The theft of sensitive data and the risk of ransomware attack are specific concerns for manufacturers. Hackers are aware that they can demand high ransom payments in exchange for restoring access to encrypted data, as well as use personal information for fraud or blackmail. This can result in significant costs, from notification costs in advising affected individuals and authorities, to restoration costs, fines and penalties, litigation costs, business interruption costs and the costs associated with reputational damage.

Manufacturers are entrusted with the blueprints and intricate details of third-party businesses' intellectual property. With high levels of competition within the manufacturing sector, industrial espionage for competitive advantage is therefore a common threat. For example, data might be stolen to gain personal competitive advantage, to disrupt the business's operations, or to be sold on to competitors. Additionally, manufacturers are seeing attacks in which a business's website is defaced, either to undermine the credibility of that business or as part of a blackmail campaign.

Manufacturers are working hard to ensure that their supply chains are digitalised, implementing connected platforms and devices that are capable of capturing data points from across the value chain and using them to inform others. This has improved the management and flow of materials and goods, maximising efficiency within the organisation. Unfortunately, it has also presented new opportunities for cyber-criminals to target production lines and damage not only the technology, but the physical infrastructure as well. This increased digitisation means that the after-effects of an attack are amplified, with the potential to damage a firm's reputation, stunt the inflow of its revenue and potentially even put it out of business.

The tiniest of variances in the performance of operational technology could cause manufacturing disruptions, leading to defective products, production downtime, physical damage, and potentially even injuries and deaths. Considering that factories generally employ a large number of people, the liability costs could be detrimental, as would the subsequent product recall and reputational damage.

Types of Cyber Claims

In August 2017, a petrochemical manufacturer in Saudi Arabia was infected with malware designed to cause a catastrophic explosion by targeting its industrial control systems. It was constructed to override the facility's safety system, which stops automated equipment going beyond safe operating conditions. The firm was therefore exposed to a wealth of liability charges, as employees were exposed to risks that could have caused bodily injury and death. A comprehensive cyber policy would have covered business interruption costs, PR advice to minimise reputational damage, and risk management services for support during and after the breach.

A German steel mill was hacked by a sophisticated attacker using social engineering and spear-phishing tactics to infect the office computer network. Crucial controls were tampered with, making it impossible to turn off the blast furnace and, as a result, causing irreparable damage to the foundry. The attacker, likely an industry insider or someone working with an insider, had specific knowledge of the production process involved, so that maximum damage could be done to the normal workings of the mill. As the office network was connected to the industrial control systems, the attackers effectively took control of production, causing product recall, reputational damage and the need to pay out a ransom in the form of bitcoin.

In August 2018, one of the world's largest semiconductor manufacturers, which includes Apple amongst its customers, was forced to close down its semiconductor fabrication plants after a computer virus got into its systems. This occurred when a supplier installed software without a virus scan, and the virus then spread through the manufacturer's various facilities. This caused business interruption, not only to the manufacturer itself, but to its clients as well. Fortunately, its cyber coverage included contingent business interruption, to cover the costs incurred by third parties dependent on the manufacturer.

When it comes to cyber insurance, Safeonline is a Lloyd’s broker that is both experienced and innovative in providing the best cyber solution to fit your client’s requirements.
